Oracle Linux 9 : frr (ELSA-2024-0477)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0477 advisory. 8.3.1-11.2 - Add patches for CVE-2023-47235, CVE-2023-47234, CVE-2023-38406, CVE-2023-38407 Tenable has extracted the preceding description block...

ffr: Out of bounds read in bgpd/bgp_label.c

An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...

CVE-2023-38407

An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

SUSE CVE-2023-38407

bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

UBUNTU-CVE-2023-38407

bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

CVE-2023-38407

bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...